package com.ktjiaoyu.ktmall.utils;

import com.alibaba.fastjson.JSONArray;
import com.alibaba.fastjson.JSONObject;

import javax.crypto.Mac;
import javax.crypto.spec.SecretKeySpec;
import java.nio.charset.StandardCharsets;
import java.security.InvalidKeyException;
import java.security.NoSuchAlgorithmException;
import java.text.SimpleDateFormat;
import java.util.Base64;
import java.util.Date;
import java.util.TimeZone;

public class OSSUtil {
    private static final String ACCESS_KEY_ID = "LTAI5tLh3CyvPkw9s6zh8Hvj";
    private static final String ACCESS_KEY_SECRET = "XKJmdZI2noYe5nBxNd0OuFIwRfECN7";
    private static final String BUCKET = "cjlktmall";
    private static final String ENDPOINT = "oss-cn-guangzhou.aliyuncs.com";
    private static final String HOST = "https://" + BUCKET + "." + ENDPOINT;

    public static JSONObject getPolicy() {
        try {
            long expireTime = 30;
            long expireEndTime = System.currentTimeMillis() + expireTime * 1000;
            Date expiration = new Date(expireEndTime);

            // 设置上传的权限
            JSONArray conditions = new JSONArray();
            JSONArray sizeCondition = new JSONArray();
            sizeCondition.add("content-length-range");
            sizeCondition.add(0);
            sizeCondition.add(10485760);
            conditions.add(sizeCondition);

            // 设置上传的目录
            JSONArray dirCondition = new JSONArray();
            dirCondition.add("starts-with");
            dirCondition.add("$key");
            dirCondition.add("images/");
            conditions.add(dirCondition);

            // 创建policy
            JSONObject policy = new JSONObject();
            policy.put("expiration", toGMTString(expiration));
            policy.put("conditions", conditions);

            // 返回数据
            JSONObject result = new JSONObject();
            String policyString = policy.toJSONString();
            String encodedPolicy = Base64.getEncoder().encodeToString(policyString.getBytes(StandardCharsets.UTF_8));
            String signature = hmacSHA1Signature(ACCESS_KEY_SECRET, encodedPolicy);
            result.put("accessid", ACCESS_KEY_ID);
            result.put("policy", encodedPolicy);
            result.put("signature", signature);
            result.put("dir", "images/");
            result.put("host", HOST);
            return result;
        } catch (Exception e) {
            e.printStackTrace();
            return null;
        }
    }

    private static String hmacSHA1Signature(String accessKeySecret, String encodedPolicy)
            throws NoSuchAlgorithmException, InvalidKeyException {
        Mac mac = Mac.getInstance("HmacSHA1");
        SecretKeySpec keySpec = new SecretKeySpec(accessKeySecret.getBytes(StandardCharsets.UTF_8), mac.getAlgorithm());
        mac.init(keySpec);
        byte[] hash = mac.doFinal(encodedPolicy.getBytes(StandardCharsets.UTF_8));
        return Base64.getEncoder().encodeToString(hash);
    }

    private static String toGMTString(Date date) {
        SimpleDateFormat sdf = new SimpleDateFormat("yyyy-MM-dd'T'HH:mm:ss'Z'");
        sdf.setTimeZone(TimeZone.getTimeZone("GMT"));
        return sdf.format(date);
    }
}
